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Claims 

1 . Data processing apparatus with 

a local computer unit which correspond to a local data file system for calling and for 
storing and for bi-directional data transfenring of a volume data file by means of a 
5 computer unit 

and an user identification unit, which is corresponding to the local computer unit, 
which enable an access on volume data files through the computer unit by an 
authorized user as a reaction on its positive identification only, 
whereby the volume data file in the local data file system is stored in a encrypted 
10 form, which is not usable for a user 

characterized in that 

- a data transferring path of volume data files between the local computer unit and 
Q the local data file system comprise a corresponding key management unit as a part 

P 3nd functionality of the local computer unit, which generate and assign at least one 

15 user specific and volume data specific key file for each volume data file, 

m - the key management unit with a portion of the local data file system, which is 

connected to the logically separated key database 
J - and for linking of a key file which is stored in the key database with a volume data 

0 file which Is stored in a local data file system for generating an electronic 
2 0 document, that is usable by an user 

1 n - whereby the key database is provided locally in the data processing appliance and 
3 assigned to the local data file system, but logical or structural or physical separated 
^ ^ from a drive - or mass storage unit. 



25 2. Apparatus as set forth in claim 1, characterized in that the encrypted form comprise the 
encryption by means of a symmetric key. 

3. Apparatus as set forth in claim 1, characterized in that the encrypted form referring of an 
electronic document as provided on a basis of a volume data file comprise a content - or 

30 meaning distorted interchanging, removing or attaching of file components. 

4. Apparatus as set forth in claim 1 , characterized in that the local data file system is a 
database and the volume data file is a database register or database records of the 
database. 
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5. Apparatus as set forth in claim 1, characterized in that the local data file system is a mass 
storage unit on a workplace with preferable a plurality of users. 

6. Apparatus as set forth in claim 1 , characterized in that the volume data files comprise 
digital text-, program-, image-, sound- and video files and combinations of these. 

7. Method for storing and for calling of electronic files, in particular for operating of data 
processing appliance as set forth in claim 1, characterized by the steps: 

identifying of an user who has access to a computer unit and who has access to a 
volume data files which is stored on a data file system that is assigned to a 
computer unit; 

enabling an authorized access on user specific volume data file as a reaction on a 
positive identification; 

generating of a volume data file and user specific key fife for an electronic 
document that is stored in the data file system and a subsequent linking of the 
electronic document with the key file for generating and storing of a volume data 
file, which is not usable for an user; 
storing of the generated key file in a key storage unit; 

reading of a volume data file and user specific key file as reaction on an access 
command of an user; 

linking of the readout key file vwth the volume data file that is given in a non-usable 
fonn for an user and that is read-out from the data file system and generating of an 
usable electronic document. 

8. Method for encrypting of an electronically stored original amount of data, in particular a 
method for generating of a volume data file and user specific key file as set forth in claim 7 
whereby the electronically stored original amount of data comprise a sequence of 
information components of a meta language in form of a written language, of a number 
system or of infonnation component from data elements that are anranged in a 
predetermined, unitary fomnat structure, in particular image-, sound- or program 
information and that are stored in a plurality of electronic addressable storage area, 
comprising the steps: 

Interchanging or removing of an infomiation component in the amount of data or 
attaching an information component at a predetermined position in the sequence of 
information components or exchange of an information components with a 
information component that is preferably not Included in the original amount of data 
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by a computer access on the respective storage area for generating of an amount 

of encrypted data; 

generating an amount of key data with information on the interchanged, removed, 
attached or exchanged information component, which is designed in a manner, that 
a reconstruction of the original amount of data is pemnltted and 
storing of the amount of encrypted data and storing of the amount of key data in a 
separated, user specific key file within a common file system. 

Method for encrypting of an electronically stored original amount of data, in partk^uiar a 
method for operating the key management unit in the apparatus as set forth in claim 1 
whereby the electronically stored original amount of data comprise a sequence of 
infomnation components of a meta language in form of a written language, of a number 
system or of infomiation component from data elements that are an^anged in a 
predetermined, unitary format structure, in particular image-, sound- or program 
information and that are stored in a plurality of electronic addressable storage area, 
comprising the steps: 

Interchanging or removing of an information component in the amount of data or 
attaching an information component at a predetermined position in the sequence of 
information components or exchange of an information components with a 
information component that is preferably not included in the original amount of data 
by a computer access on the respective storage area for generating of an amount 
of encrypted data; 

generating an amount of key data with information on the interchanged, removed, 
attached or exchanged information component, which is designed in a manner, that 
a reconstruction of the original amount of data is permitted and 
storing of the amount of encrypted data and storing of the amount of key data in a 
separated, user specific key file within a common file system. 

Method as set forth in claim 8, characterized in that the successive at least twofold 
encryption of the amount of key data whereby each is generated with the step of 
interchanging, removing, attaching or exchanging, whereby a first, hereby generated key 
data record is assigned to a first user and a second following generated key data record is 
assigned to a second user. 
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Method as set forth in claim 9, characterized in that the successive at least twofold 
encryption of the amount of key data whereby each is generated with the step of 
interchanging, removing, attaching or exchanging, whereby a first, hereby generated l^ey 
data record is assigned to a first user and a second following generated key data record is 
assigned to a second user. 

Apparatus for managing an electronically stored original amount of data, in particular for 
operating the method as set forth in claim 7 with 

an analyzing unit, which is designed to access on the original amount of data which are 
stored in a document storage unit and which is designed to electronically detect at least a 
sequence of information components of the original amount of data as a reaction on a 
predetermined or inspected fonnat- or structural data of the original amount of data, 
an encryption unit that is subordinated to the analyzing unit, which is designed for 

interchanging or removing of information components in the original amount of 
data or attaching of an infomnation components at a predetermined position in the 
sequence of information components or exchanging of an information component 
with an infomnation component that is preferably not contained in the original 
amount of data and 

creating an amount of key data with information about the interchanged, removed, 
attached or exchanged information components, which are designed in a manner, 
that a reconstmction of the original amount is permitted with key data, and 

a storage unit which is designed to store the amount of key data in a key data 
storage unit and 

a volume data storage unit, which is designed to store the amount of, encrypted 
data. 

Apparatus for managing an electronically stored original amount of data, in particular as 
part of the key management unit in the apparatus as set forth in claim 1 with 
an analyzing unit, which is designed to access on the original amount of data which are 
stored in a document storage unit and whidi is designed to electronically detect at least a 
sequence of information components of the original amount of data as a reaction on a 
predetemiined or inspected fonnat- or structural data of the original amount of data, 
an encryption unit that is subordinated to the analyzing unit, which Is designed for 
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interchanging or removing of information components in the original amount of 
data or attaching of an information components at a predetermined position in the 
sequence of infomiation components or exchanging of an information component 
with an information component that is preferably not contained in the original 
amount of data and 

creating an amount of key data with information about the Interchanged, removed, 
attached or exchanged information components, which are designed in a manner, 
that a reconstruction of the original amount Is permitted with key data, and 

a storage unit which Is designed to store the amount of key data in a key data 
storage unit and 

a volume data storage unit, which is designed to store the amount of, encrypted 
data. 

Apparatus as set forth in claim 12, characterized in that the encryption unit is assigned to 
an equivalence unit, which provide at least one information component in the original 
amount of data for at least one equivalent information component, that is electronically 
stored, whereby the equivalent information component Is designed in a manner, that it 
match with the Mrresponding information component grammatically, metaphorically, 
syntactically or regarding its format. 

Apparatus as set forth In claim 14, characterized in that the encryptton unit is designed to 
interconnect with a semantic rule-applying unit, so that the interchanging, removing, 
attaching or exchanging are arranged within the grammar, format, metaphoric or syntax 
and which are determined by the format- or structural data. 

Apparatus as set forth in claim 12, characterized in that a random controller unit is 
assigned to the encryption unit, in which the interchanging, removing, attaching or 
exchanging of single information components or sequences of information component 
are controlled by the encryption unit randomly, in particular in a non reproducible manner. 

Apparatus as set forth in claim 12, characterized by an encryption parameter unit that is 
subordinated to the encryption unit, and is designed for storing or Inserting 
predetermined parameter for the interchanging, removing, attaching or exchanging by 
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the encryption unit, in particular regarding a depth of encryption given by a number of 
interchanging, removing, attaching or exchanging operations. 

18. Apparatus as set forth in claim 12, characterized by a conversion unit that is 
subordinated to the encryption unit, and is designed for generating an electronic 
transferable volume data file for the amount of encrypted data and preferably an actively 
executable program- or script file for the amount of key data. 

19. Apparatus as set forth in claim 12, characterized in that the encryption unit is designed to 
generate a plurality of an amount of key data, which comprise at least one of the key 
data does not provide the reconstruction of the original amount of data while combining 
with the amount of encrypted data, but which lead to an amount of data after the 
combining, that is matched with the original amount of data in a syntactically, 
grammatically or format-related manner. 

20. Apparatus as set forth in claim 12, characterized in that the analyzing unit is 
subordinated to the encryption unit and is designed in a manner that the amount of key 
data comprise infomnation about the exchanging - or interchanging given by information 
component used to interchange, remove, attach or exchange. 



